Data Security Checklist (PDF) - US Department （数据安全检查表(PDF)我们部门）.pdf

For more information please visit the Privacy Technical Assistance Center: /ptac Data Security Checklist Overview The U.S. Department of Education established the Privacy Technical Assistance Center (PTAC) as a “one-stop” resource for education stakeholders to learn about data privacy, confidentiality, and security practices related to student-level longitudinal data systems. PTAC provides timely information and updated guidance on privacy, confidentiality, and security practices through a variety of resources, including training materials and opportunities to receive direct assistance with privacy, security, and confidentiality of longitudinal data systems. More PTAC information is available on /ptac. Purpose The purpose of this checklist is to assist stakeholder organizations, such as state and local educational agencies, with developing and maintaining a successful data security program. A data security program is a vital component of an organizational data governance plan, and involves management of people, processes, and technology to ensure physical and electronic security of an organization’s data. A comprehensive security program is critical to protecting the individual privacy and confidentiality of education records. Solutions and procedures supporting data security operations of education agencies should address their unique challenges, including the need to protect personally identifiable information (PII) while maintaining quality, transparency, and necessary access to the data. To ensure that all aspects of a security plan are executed properly, the program should offer clear guidance and tools for implementing security measures . The summary below lists essential components that should be considered when building a data security program. More information on terms discussed in this checklist is available on /policy/gen/guid/ptac/glossary